Should You Be Worried About Ransomware?

Cyber attacks in which criminals pose as law enforcement to try to get money out of users are on the rise.

It's another normal day on the Internet, but halfway through a funny cat video, your computer shuts down. A message fills your screen, informing you in bold letters accompanied by an FBI logo that you have been caught downloading illegal content. You are instructed to pay a fine immediately in order to regain use of your computer.

This kind of attack is called ransomware, and experts say it is on the rise. This malicious software locks users' computers and demands a ransom for unlocking them. Recently, criminals have begun to pose as law enforcement agencies, using official language and sometimes even agency logos. The messages claim authorities have evidence that users committed a crime online, such as downloading pirated media or illegal pornography. In some cases, the software takes over the computer's webcam and photographs the user. The ransom is disguised as a "fine" for the crime, usually ranging from $50 to $400. And—surprise!—paying the ransom almost never results in having the computer unlocked.

As with other types of malware, ransomware infects computers when commands hidden within a website's code trigger a stealthy download. Some time later, the criminals strike. Most often, these commands lurk in websites run by criminals, aimed at seedy but popular online content, such as pirated media and pornography. But sometimes the website itself is a victim. According to Symantec's 2013 Internet Security Threat Report (ISTR), criminals sometimes manage to insert their download code into legitimate websites, or in advertisements that appear on otherwise innocent sites.

To protect yourself and your computer, maintain good Internet security practices, including keeping your computer's operating system and security software up to date. Always download patches and updates for your operating system, and install good security software and download updates as soon as they become available. Ad-blocking software can offer an extra layer of protection from codes hidden in advertisements.

However, the best security software in the world will not save your computer if you recklessly expose it to risks. Just as you would avoid a bad neighborhood in your own city, stay away from the seedier areas of the Internet, which are more likely to host malware and other attacks.

For additional peace of mind, be prepared in case of infection. Marian Merritt, Internet security advocate at security software company Norton, says, "It's really hard to get rid of this stuff; it can shut down even legitimate security software." And it probably will not be stymied by booting up your computer in safe mode. Save the recovery disks that came with your operating system, and back up your files to an external drive, another computer, or the cloud to minimize loss and inconvenience in case of attack. Do not pay the ransom. It will probably do you no good, and may give criminals access to your financial information.

Ransomware is not a new threat, but in the last year, it has become more effective and more popular with criminals. Kevin Haley, director of security response at Internet security company Symantec, tells PM, "Ransomware has been around for many years, but in 2012, the cyber criminals solved two problems that had prevented it from becoming a popular type of cyber crime."

First, the ubiquity of online payment tools such as PayPal has helped make it quicker, easier, and safer for criminals to get their hands on the ransom. Second, criminals have discovered that posing as law enforcement with official-looking messages may make victims more likely to pay up, Haley says.

Last year's increase in ransomware attacks started in Eastern Europe, he tells PopMech, but spread rapidly to other areas, including the United States. Haley said that attacks have increased fivefold so far in 2013, and experts anticipate that the trend will continue, mostly because of the profitability of the crime, ease of attack, and effectiveness of the criminals' new tactics.

In 2012, for example, Symantec's ISTR said that a group of criminals running a ransomware command and control server made about $30,000, despite the fact that only three percent of their 5300 victims actually paid.

A Part of Hearst Digital Media
Popular Mechanics participates in various affiliate marketing programs, which means we may get paid commissions on editorially chosen products purchased through our links to retailer sites.